Update Log4J2 Version #38

feinstein · 2017-12-12T05:14:59Z

Log4j2 is currently on version 2.10.0 and this library is still referencing version 2.8.2.

Please update the library.

The text was updated successfully, but these errors were encountered:

carlzogh · 2020-05-20T12:40:57Z

Hey @feinstein - Log4j dependencies have been updated to 2.13.2 as part of aws-lambda-java-log4j2 version 1.2.0.

ref: https://github.com/aws/aws-lambda-java-libs/blob/master/aws-lambda-java-log4j2/RELEASE.CHANGELOG.md

feinstein · 2020-05-20T13:59:59Z

Thanks, but seriously you guys need to rethink your worfklow. It took 2 years and a half to update a library reference.

This is specially troublesome as "Using Components with Known Vulnerabilities" is the OWASP 9th most security risk.

* [alc] fix nullpointer exception when logging null --------- Co-authored-by: Daniel Torok <[email protected]>

carlzogh closed this as completed May 20, 2020

dtorok added a commit that referenced this issue Sep 4, 2023

[alc] fix nullpointer exception when logging null (#38)

a303f32

* [alc] fix nullpointer exception when logging null --------- Co-authored-by: Daniel Torok <[email protected]>

smirnoal pushed a commit that referenced this issue Sep 4, 2023

[alc] fix nullpointer exception when logging null (#38) (#439)

5777886

* [alc] fix nullpointer exception when logging null --------- Co-authored-by: Daniel Torok <[email protected]>

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Update Log4J2 Version #38

Update Log4J2 Version #38

feinstein commented Dec 12, 2017

carlzogh commented May 20, 2020 •

edited

Loading

feinstein commented May 20, 2020

Update Log4J2 Version #38

Update Log4J2 Version #38

Comments

feinstein commented Dec 12, 2017

carlzogh commented May 20, 2020 • edited Loading

feinstein commented May 20, 2020

carlzogh commented May 20, 2020 •

edited

Loading